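def Main():
    """Parse the command line and dispatch to the matching workflow.

    With no options at all, or with any positional argument, the option help
    and the project banner are printed and nothing else happens.  Otherwise:

    * ``--critical`` calls ``last.GetLastCritical()``; the dispatch below
      still runs afterwards.
    * ``--shodan`` loads the API key from ``shodan_api.key`` (prompting for
      it and saving it when it is missing) and queries ``shodan.Shodan``
      with either the ``--find`` string or the product/version data derived
      from ``--cve``.
    * ``--remote`` runs the ``detect``/``payloads`` preparation sequence and
      hands over to ``remote.Menu``.
    * anything else runs the local sequence that ends in
      ``payloads.Execute``.

    ``NameError`` and ``AttributeError`` raised anywhere in that dispatch are
    translated into usage messages; the helper modules (``last``, ``shodan``,
    ``detect``, ``payloads``, ``remote``, ``infos``, ``bcolors``) and
    ``__version__``/``__description__`` are defined outside this block.
    """
    # Local import: only needed to create the key file with a restrictive mode.
    import os

    def show_usage():
        """Print the option help followed by the project banner."""
        Menu.print_help()
        print('')
        print(' %s' % __description__)
        print(' Source code put in public domain by ' + bcolors.PURPLE + bcolors.BOLD + 'msd0pe' + bcolors.ENDC + bcolors.ENDC + ',' + bcolors.RED + bcolors.BOLD + 'no Copyright' + bcolors.ENDC + bcolors.ENDC)
        print(' Any malicious or illegal activity may be punishable by law')
        print(' Use at your own risk')

    Menu = optparse.OptionParser(usage='python %prog [options]', version='%prog ' + __version__)
    Menu.add_option('-d', '--detect', action="store_true", dest="detect", help='detect vulnerabilities on the current machine')
    Menu.add_option('-i', '--check', action="store_true", dest="check", help='check if the edb-id is verified')
    Menu.add_option('-r', '--remote', action="store_true", dest="remote", help='attack a target remotely')
    Menu.add_option('-n', '--noexec', action="store_true", dest="noexec", help='don\'t execute the exploit')
    Menu.add_option('-f', '--find', type="str", dest="find", help='looking for an exploit by its vulnerable software')
    Menu.add_option('-c', '--cve', type="str", dest="cve", help='looks for the CVE from its name')
    Menu.add_option('-e', '--edb', type="str", dest="edb", help='looks for the CVE from its EDB-ID')
    Menu.add_option('-l', '--lang', type="str", dest="lang", help='langage of the exploit. [Default: c]')
    Menu.add_option('--critical', action="store_true", dest="critical", help='show the last criticals vulnerabilities')
    Menu.add_option('--shodan', action="store_true", dest="shodan", help='search targets from a given CVE')

    # The groups are registered before parse_args(): optparse handles
    # -h/--help inside parse_args(), so groups added afterwards would be
    # missing from that output.
    Langages = optparse.OptionGroup(
        Menu, "Langages",
        "sh\n ruby\n perl\n python\n php\n c++\n c\n metasploit\n text\n")
    Menu.add_option_group(Langages)
    Examples = optparse.OptionGroup(
        Menu, "Examples",
        'python cve-maker.py -f "Apache 2.4" '
        'python cve-maker.py -e 12345 -l ruby -n '
        'python cve-maker.py -c 2019-98765 --shodan '
        'python cve-maker.py -f "php 8.1.0" --shodan '
        'python cve-maker.py --critical')
    Menu.add_option_group(Examples)

    (options, args) = Menu.parse_args()

    # Every option defaults to None, so "all None" means nothing was asked for.
    nothing_requested = all(value is None for value in vars(options).values())
    if args or nothing_requested:
        show_usage()
        return

    try:
        if options.critical:
            last.GetLastCritical()

        if options.shodan:
            # The key lives in plaintext in the current working directory.
            # Only a missing/unreadable/empty file triggers the prompt; a
            # bare ``except`` here would also swallow Ctrl-C.
            api_key = ""
            try:
                with open("shodan_api.key", "r") as api_file:
                    # Drop the trailing newline a hand-edited file carries.
                    api_key = api_file.read().strip()
            except (OSError, UnicodeDecodeError):
                pass
            if not api_key:
                print()
                api_key = input(infos.INFO + "Enter your shodan api key : " + bcolors.ENDC + bcolors.ENDC).strip()
                # Create the file owner-read/write only so the credential is
                # not readable by other local accounts.  The mode applies
                # only on creation; an existing file keeps its permissions.
                key_fd = os.open("shodan_api.key", os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
                with os.fdopen(key_fd, "w") as api_file:
                    api_file.write(api_key)

            if options.cve is not None or options.find is not None:
                if options.find is not None:
                    shodan.Shodan(api_key, options.find, "", "", options.find)
                    # SystemExit instead of the site-provided exit(), which
                    # is absent when the interpreter runs without ``site``.
                    raise SystemExit(0)
                shodan.ProductVersionIdentify(options.cve)
                shodan.Shodan(api_key, shodan.vendors_versions, shodan.products_versions, options.cve, options.find)
            else:
                print("\n" + infos.ERROR + "You must specify a CVE-NAME !\n")
                raise SystemExit(0)
        elif options.remote:
            detect.SearchExploit(options.find, options.check)
            payloads.CreateDirectory()
            payloads.FindCVE(options.cve, options.edb, options.lang)
            detect.DetectCompilationOptions(payloads.payload, payloads.name, payloads.name_ext, options.lang, True)
            payloads.WritePayload(payloads.payload, payloads.name_ext, options.lang)
            payloads.CustomizePayload(payloads.name_ext)
            payloads.Compilation(payloads.name, detect.command, options.lang, True)
            remote.Menu(options.remote, payloads.name, payloads.name_ext, options.lang, detect.command, detect.usage, payloads.name)
        else:
            # NOTE(review): this sequence writes, compiles and then passes
            # the result to payloads.Execute; presumably the code comes from
            # a third-party source and runs on this host unless --noexec is
            # given, so treat it as untrusted input. Confirm against the
            # payloads module.
            detect.SearchExploit(options.find, options.check)
            detect.DetectCVE(options.detect, options.check)
            payloads.CreateDirectory()
            payloads.FindCVE(options.cve, options.edb, options.lang)
            detect.DetectCompilationOptions(payloads.payload, payloads.name, payloads.name_ext, options.lang, None)
            payloads.WritePayload(payloads.payload, payloads.name_ext, options.lang)
            payloads.CustomizePayload(payloads.name_ext)
            payloads.Compilation(payloads.name, detect.command, options.lang, None)
            payloads.Execute(payloads.name, payloads.name_ext, options.lang, detect.usage, options.noexec)
    except NameError:
        # NOTE(review): NameError doubles as the "missing option" signal
        # here, so a genuine NameError bug in a helper that matches none of
        # the cases below is dropped silently.
        if options.noexec and (options.cve or options.edb) is None:
            print("\n" + infos.ERROR + "You must specify a CVE-NAME or a EDB-ID !\n")
        elif options.check and options.detect is None and options.find is None:
            print("\n" + infos.ERROR + "Don't forget the '-d' or '-f' option !\n")
        elif options.remote and options.cve is None and options.edb is None and options.lang is None:
            print("\n" + infos.ERROR + "Don't forget the '-e', '-l' or '-c' option for the remote machine !\n")
    except AttributeError:
        if options.remote and options.find is not None:
            print("\n" + infos.ERROR + "The remote option couldn't be use with the find option !\n")
        else:
            show_usage()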
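def Main():
    """Parse the command line and run the workflow for the requested site.

    Exactly one positional argument, the site name, is required; any other
    count prints the option help and the project banner.  A site that is not
    in the supported set is reported instead of being ignored.  For a
    supported site, ``--remote`` runs the ``detect``/``payloads`` preparation
    calls and hands over to ``remote.Menu``; otherwise the local sequence
    runs through ``payloads.Compilation`` and ``payloads.Execute``.

    ``NameError`` and ``AttributeError`` raised anywhere in that dispatch are
    translated into usage messages; the helper modules (``detect``,
    ``payloads``, ``remote``, ``bcolors``) and
    ``__version__``/``__description__`` are defined outside this block.
    """

    def show_usage():
        """Print the option help followed by the project banner."""
        Menu.print_help()
        print('')
        print(' %s' % __description__)
        print(' Source code put in public domain by ' + bcolors.PURPLE + bcolors.BOLD + 'msd0pe' + bcolors.ENDC + bcolors.ENDC + ',' + bcolors.RED + bcolors.BOLD + 'no Copyright' + bcolors.ENDC + bcolors.ENDC)
        print(' Any malicious or illegal activity may be punishable by law')
        print(' Use at your own risk')

    Menu = optparse.OptionParser(usage='python %prog [options] site', version='%prog ' + __version__)
    Menu.add_option('-d', '--detect', action="store_true", dest="detect", help='detect vulnerabilities on the current machine')
    Menu.add_option('-i', '--check', action="store_true", dest="check", help='check if the edb-id is verified')
    Menu.add_option('-r', '--remote', action="store_true", dest="remote", help='attack a target remotely')
    Menu.add_option('-f', '--find', type="str", dest="find", help='looking for an exploit by its vulnerable software')
    Menu.add_option('-c', '--cve', type="str", dest="cve", help='looks for the CVE from its name')
    Menu.add_option('-e', '--edb', type="str", dest="edb", help='looks for the CVE from its EDB-ID')
    Menu.add_option('-g', '--gcc', type="str", dest="gcc", help='add options to compilation')
    Menu.add_option('-l', '--lang', type="str", dest="lang", help='langage of the exploit. [Default: c]')

    # The groups are registered before parse_args(): optparse handles
    # -h/--help inside parse_args(), so groups added afterwards would be
    # missing from that output.
    Sites = optparse.OptionGroup(Menu, "Available 0day sites", "exploit_db\n")
    Menu.add_option_group(Sites)
    Langages = optparse.OptionGroup(Menu, "Langages", "sh\n ruby\n perl\n python\n php\n c++\n c\n")
    Menu.add_option_group(Langages)
    Examples = optparse.OptionGroup(Menu, "Examples", 'python cve-maker -e 12345 -l ruby exploit_db python cve-maker -c 2019-98765 -g "-lpthread" exploit_db')
    Menu.add_option_group(Examples)

    (options, args) = Menu.parse_args()

    sites = {"exploit_db"}
    if len(args) != 1:
        show_usage()
        return

    site = args[0]
    if site not in sites:
        # Previously an unsupported site name fell through without output.
        print(bcolors.RED + bcolors.BOLD + "\nUnknown site '%s' ! Available sites: %s\n" % (site, ", ".join(sorted(sites))) + bcolors.ENDC + bcolors.ENDC)
        return

    try:
        if options.remote:
            detect.SearchExploit(options.find, options.check)
            payloads.CreateDirectory()
            payloads.FindCVE(site, options.cve, options.edb)
            payloads.WritePayload(payloads.payload, payloads.name, options.lang)
            remote.Menu(options.remote, payloads.payload, payloads.name, options.lang, payloads.name)
        else:
            # NOTE(review): this sequence writes, compiles and then passes
            # the result to payloads.Execute; presumably the code comes from
            # the selected site and runs on this host, so treat it as
            # untrusted input. Confirm against the payloads module.
            detect.SearchExploit(options.find, options.check)
            detect.DetectCVE(site, options.detect, options.check)
            payloads.CreateDirectory()
            payloads.FindCVE(site, options.cve, options.edb)
            payloads.WritePayload(payloads.payload, payloads.name, options.lang)
            payloads.Compilation(payloads.name, options.gcc, options.lang)
            payloads.Execute(payloads.name, options.lang)
    except NameError:
        # NOTE(review): NameError doubles as the "missing option" signal
        # here, so a genuine NameError bug in a helper that matches none of
        # the cases below is dropped silently.
        selectors = (options.cve, options.edb, options.detect, options.check, options.find, options.remote)
        if all(value is None for value in selectors):
            print(bcolors.RED + bcolors.BOLD + "\nYou must specify a CVE-NAME or a EDB-ID !\n" + bcolors.ENDC + bcolors.ENDC)
        elif options.check and options.detect is None and options.find is None:
            print(bcolors.RED + bcolors.BOLD + "\nDon't forget the '-d' or '-f' option !\n" + bcolors.ENDC + bcolors.ENDC)
        elif options.remote and options.cve is None and options.edb is None and options.lang is None:
            print(bcolors.RED + bcolors.BOLD + "\nDon't forget the '-e', '-l' or '-c' option for the remote machine !\n" + bcolors.ENDC + bcolors.ENDC)
    except AttributeError:
        if options.remote and options.find is not None:
            print(bcolors.RED + bcolors.BOLD + "\nThe remote option couldn't be use with the find option !\n" + bcolors.ENDC + bcolors.ENDC)
        else:
            show_usage()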